China Academy of Railway Sciences (CARS) - Case Study

Innovative new control system demands adherence to highest quality safety standards

The China Academy of Railway Sciences (CARS) nurtures technological innovation and core competitiveness in railway transportation, integrating scientific research, development, production and consultation. It has won more than 800 prizes for its scientific research since its founding in 1950.

CARS' initiative has driven the commercialisation and enterprise of railway sciences, and so CARS examined new ways to manage the development and testing of a new communications signal control system that had to meet the stiffest of high-speed rail standards – EN 50128 SIL Level 4.

In addition to meeting regulatory challenges, CARS was faced with a complex system that used various hardware platforms, including PowerPC, ARM, and x86, as well as Linux and multiple RTOS and development platforms.

CARS needed software verification tools able to provide MISRA C and MISRA C++ programming standards checking, metrics analysis, unit and integration testing, and MC/DC code coverage analysis on all of the development platforms. In-house tools no longer made sense.

“A signal control system involves a lot of embedded software that must all be developed and verified,” noted Mr. Dengke Xu, Test Manager of CARS. “Our greatest challenge was to find a solution which could help us achieve all these objectives while supporting the various embedded microprocessors and operating systems.”

LDRA delivers comprehensive solution

CARS decided the best way to manage the multiple platforms and development environments was through a third-party certification provider. With nearly 40 years of working in the embedded space, LDRA had already ported its tool suite to all the microcontroller and microprocessor platforms and supported all versions of the IDEs and RTOSs used in the project.

CARS also needed a broad portfolio of verification services. The safety integrity level for each smart instrument in the signal control system determined the extent of software testing. For EN 50128 SIL Level 1, CARS had to run static analysis to expose any significant coding errors. For SIL Level 2, where additional stringency is required, dynamic analysis ensures that the code executes as specified.

“Most software testing tools can provide static analysis, but dynamic analysis is not as easy to achieve in embedded systems. To make matters worse, we also needed unit and integration testing,” pointed out Xu. “The LDRA tool suite supported all of the embedded platforms very well, provided a comprehensive list of verification services and was easy to configure and use. LDRA was the best option.”

LDRA command line offers easy access to all tools on all platforms

To comprehensively address the software development lifecycle, the LDRA tool suite automates a broad portfolio of integrated test and verification competencies.

“Whether we were doing static analysis, unit or regression testing, or confirming MISRA C/C++ compliance, we could invoke and run the LDRA tools directly from a command-line interface,” continued Xu. “Such openness enabled us to work easily with our various development environments and RTOSs regardless of what hardware platform we were verifying at the time. No other providers included this feature as part of the baseline tool suite.”

The integration and broad support of the LDRA tool suite increased testing efficiency, delivering immediate cost savings and improved quality.

LDRA now part of all CARS software projects

The LDRA tool suite has continued to help CARS extend its prowess in designing quality high-speed rail technology, securing four more EN 50128 certified systems. The LDRA tool suite now plays a baseline role in CARS development, enforcing MISRA C and MISRA C++ compliance in all CARS software projects.